svchost.exe - too much CPU usage

  • Zwirko
  • Guru
  • Guru
  • User avatar
  • Posts: 1417
  • Loc: 55° N, 3° W

Post 3+ Months Ago

Recently my CPU has been running very high - over 50% continually without respite. From the task manager I see that it is the svchost.exe program that is responsible. I'm using Vista Home Premium.

Image Image



I tried doing various selective start ups and the only one that stopped this craziness was to prevent "Network Store Interface Service" from starting. Disabling that means you can't access the internet though.
I used Process Explorer to look at the properties of this instance of svchost.exe (which appears to have 37 dll's loaded in to it). The "threads > stack" option shows this:
Quote:
ntdll.dll!KiFastSystemCallRet
ws2_32.dll!recv+0x85
ntdll.dll!KiUserApcDispatcher+0x25


My laptop is getting a little hot these days with this problem and also running a significantly slower. Any ideas how to get back down to normality?
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4924
  • Loc: NY

Post 3+ Months Ago

Download, update & run anti malware from malwarebytes.org
  • Zwirko
  • Guru
  • Guru
  • User avatar
  • Posts: 1417
  • Loc: 55° N, 3° W

Post 3+ Months Ago

Thanks for that - seems to have licked the problem; CPU usage is now down to a nice 3-4 %.

All morning I've been scanning my system with various tools, none of which found anything other than a few dodgy cookies. Malwarebytes is the only one that has done anything that could be labelled as "successful".

It found these:

Quote:
Files Infected:
C:\Users\dak\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\dak\Local Settings\Application Data\Windows Server\ufqlhg.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\dak\Templates\memory.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\dak\AppData\Local\alndmerb.dll (Trojan.Agent.U) -> Delete on reboot.
C:\Users\dak\AppData\Local\ijepemiy.dll (Trojan.Agent.U) -> Delete on reboot.


I'd been looking at those three dll's for a while now, wondering what they were but couldn't manage to delete them or even find them. Previously, I've tried preventing then from loading at startup, but they refused to comply.

Although my laptop is now running smoothly there is a minor issue at startup: something complains that alndmerb.dll and ijepemiy.dll can't be found. I just click "ok" and everything seems normal (so far). Hope it's not serious?

Image


Edit: Done some cleaning of the registry and everything now seems back to normal.

Thanks for your help Don.
  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4924
  • Loc: NY

Post 3+ Months Ago

I'm glad it's all working.

Post Information

  • Total Posts in this topic: 4 posts
  • Users browsing this forum: No registered users and 106 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.